Deploy Oracle Commerce Platform (ATG) on Oracle Cloud Infrastructure

Oracle Commerce Platform (ATG) customers need to be able to handle complexity and to scale their infrastructure provisioning accordingly.

Static provisioning can lead to inefficiencies: under-provisioning can lead to a poor customer experience and over-provisioning can lead to negative revenue impact.

Oracle Commerce Platform on Oracle Cloud Infrastructure:

  • Increases performance: Scale all components based on customer traffic.
  • Decreases complexity: Most services are modified with a click of a button.
  • Lowers infrastructure cost: Use a pay-as-you-go model for any extra infrastructure during hot sales.
  • Reduces time to market: Provisioning is performed in a matter of minutes, not hours.
  • Optimizes licensing: Bring your own license (BYOL) maximizes current customer licenses.


This reference architecture shows Oracle Commerce Platform on Oracle Cloud Infrastructure. Oracle Cloud components replace all custom third-party network components using cluster groups deployed on private virtual cloud networks (VCNs) and leveraging the unique capability of fault domains for improved hardware fault tolerance.

The following diagram illustrates this reference architecture.

This architecture has the following components:

  • Region

    An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

  • Availability domain

    Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.

  • Fault domains

    A fault domain is a grouping of hardware and infrastructure within an availability domain. Each availability domain has three fault domains with independent power and hardware. When you distribute resources across multiple fault domains, your applications can tolerate physical server failure, system maintenance, and power failures inside a fault domain.

  • Virtual cloud network (VCN) and subnet

    A VCN is a customizable, private network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. You can segment VCNs into subnets, which can be scoped to a region or to an availability domain. Both regional subnets and availability domain-specific subnets can coexist in the same VCN. A subnet can be public or private.

  • VPN Connect

    VPN Connect provides site-to-site IPSec VPN connectivity between your on-premises network and VCNs in Oracle Cloud Infrastructure. The IPSec protocol suite encrypts IP traffic before the packets are transferred from the source to the destination and decrypts the traffic when it arrives.

  • FastConnect

    Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center and Oracle Cloud Infrastructure. FastConnect provides higher-bandwidth options and a more reliable networking experience when compared with internet-based connections.

  • Load balancer

    The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.

  • Bastion host

    The bastion host is a compute instance that serves as a secure, controlled entry point to the topology from outside the cloud. The bastion host is provisioned typically in a demilitarized zone (DMZ). It enables you to protect sensitive resources by placing them in private networks that can't be accessed directly from outside the cloud. The topology has a single, known entry point that you can monitor and audit regularly. So, you can avoid exposing the more sensitive components of the topology without compromising access to them.

  • Storefront tier

    The storefront application compiles all necessary web components and sends it to the customer's web browser. The storefront is deployed using front-end technologies, which consume API services directly from ATG API or API Gateway.

  • ATG API tier

    ATG exposes all of its functionality through REST APIs and can be consumed directly by a custom front end or enriched by an API Gateway.

  • Endeca MDEX tier

    Endeca delivers guided navigation, search capabilities, and user segmentation. The Endeca topology usually contains two MDEX clusters.

    The following diagram shows two MDEX clusters residing in different fault domains.

  • Customer Service Center (CSC) tier

    CSC has its own set of users who have higher privilege in the system. Segmenting the traffic allows fine-grained access control and enhances auditing capabilities.

  • Administration tier

    The administration tier segregates services such as Business Control Center, Experience Manager, and WebLogic administration on a dedicated subnet, isolating user traffic from administration, enabling tighter access control.

  • File storage

    The Oracle Cloud Infrastructure File Storage service provides a durable, scalable, secure, enterprise-grade network file system. You can connect to a File Storage service file system from any bare metal, virtual machine, or container instance in a VCN. You can also access a file system from outside the VCN by using Oracle Cloud Infrastructure FastConnect and IPSec VPN.

  • Autonomous Transaction Processing

    Oracle Autonomous Transaction Processing is a self-driving, self-securing, self-repairing database service that is tuned and optimized for transaction processing workloads. It can instantly scale to meet the demands of mission-critical applications. You do not need to configure or manage any hardware, or install any software. Autonomous Transaction Processing handles creating, backing up, patching and upgrading the database. It also handles growing or shrinking the database.


Use the following recommendations as a starting point. Your requirements might differ.

  • Cluster groups

    To accommodate each fault domain, consider having three clusters per application layer (except MDEX).

  • Subnet isolation

    Isolated subnets allow for better fine-grained security lists and network security groups. Avoid mixing the customer data pipeline and the administration pipeline.

  • Autonomous services

    Use autonomous services whenever possible. During deployment design, consider Autonomous Linux and Autonomous Transaction Processing.

  • MDEX index update

    Endeca has two approaches to updating MDEX indexes: partial and full (also known as baseline updates). Both updates require you to stop, update, and start an MDEX. Endeca has logical groups known as distribution groups that enable a set of MDEX indexes to be updated.

    We recommend that you have two distribution groups to maintain consistency and avoid down times.

    The following diagrams show the index update process using two distribution groups:


Consider the following points when deploying this reference architecture.

  • Back-end services

    Bring all possible back-end services into Oracle Cloud Infrastructure. This streamlines the architecture and avoids unnecessary traffic between Oracle Cloud Infrastructure and on-premises data centers, decreases latency, and improves customer experience.

    Oracle Cloud offers IPSec VPN and dedicated FastConnect solutions to connect your existing on-premises data center or provider.

  • Security

    Avoid mixing user traffic and administration traffic. Adding other virtual network interface cards (VNICs) on client-serving instances allows you to split such traffic.

  • Availability

    Some regions offer multiple availability domains, which allow higher availability with higher redundancy. Consider deploying your e-commerce solution on multiple availability domains to take advantage of this redundancy.

    Also consider having a disaster recovery plan in a different region with the appropriate redundancy.

  • Cost

    Take advantage of the pay-as-you-go model. Allocating more standard virtual machines during special sales minimizes cost and avoids paying for up-front resources.


The Terraform code to provision the networking, compute, and storage infrastructure required to deploy Oracle Commerce Platform (ATG) on Oracle Cloud Infrastructure is available in GitHub.

  1. Go to GitHub.
  2. Clone or download the repository to your local computer.
  3. Follow the instructions in the README document.